A data breach at an online marketing services provider has exposed customer email addresses of companies including JP Morgan Chase and pharmacy giant Walgreens and many other large US businesses.

Epsilon revealed over the weekend that its email system had been hacked. “On March 30th, an incident was detected where a subset of Epsilon clients’ customer data were exposed by an unauthorised entry into Epsilon’s email system,” the company said in statement.

“The information that was obtained was limited to email addresses and/or customer names only,” it said. “A rigorous assessment determined that no other personal identifiable information associated with those names was at risk. A full investigation is currently underway.”

According to the Reuters news agency, banking giant and Epsilon customer JP Morgan Chase has confirmed that its customers’ email address had been compromised in the breach, as has pharmacy chains Walgreens pharmacy chain.

The news comes a week after UK retail, banking and services provider the Co-operative Group revealed that the email addresses of 83,000 of its customers had been exposed in a data breach at a third party marketing firm.

Both events highlight the need to ensure that third party data handlers have adequate security precautions in place. They also suggest that cyber criminals may be targeting marketing agencies with sophisticated attacks to get their hands on email addresses, which can be used to distribute spam linking to malware-infected websites.